diff options
Diffstat (limited to 'src/or/circuituse.c')
| -rw-r--r-- | src/or/circuituse.c | 42 |
1 files changed, 30 insertions, 12 deletions
diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 2c724dee05..84574cd5b9 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -203,7 +203,7 @@ circuit_is_better(const origin_circuit_t *oa, const origin_circuit_t *ob, timercmp(&a->timestamp_began, &b->timestamp_began, OP_GT)) return 1; if (ob->build_state->is_internal) - /* XXX023 what the heck is this internal thing doing here. I + /* XXXX++ what the heck is this internal thing doing here. I * think we can get rid of it. circuit_is_acceptable() already * makes sure that is_internal is exactly what we need it to * be. -RD */ @@ -222,7 +222,7 @@ circuit_is_better(const origin_circuit_t *oa, const origin_circuit_t *ob, break; } - /* XXXX023 Maybe this check should get a higher priority to avoid + /* XXXX Maybe this check should get a higher priority to avoid * using up circuits too rapidly. */ a_bits = connection_edge_update_circuit_isolation(conn, @@ -788,6 +788,8 @@ static time_t last_expired_clientside_circuits = 0; * As a diagnostic for bug 8387, log information about how many one-hop * circuits we have around that have been there for at least <b>age</b> * seconds. Log a few of them. + * Ignores Single Onion Service intro and Tor2web redezvous circuits, they are + * expected to be long-term one-hop circuits. */ void circuit_log_ancient_one_hop_circuits(int age) @@ -797,6 +799,7 @@ circuit_log_ancient_one_hop_circuits(int age) time_t cutoff = now - age; int n_found = 0; smartlist_t *log_these = smartlist_new(); + const or_options_t *options = get_options(); SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) { const origin_circuit_t *ocirc; @@ -804,6 +807,19 @@ circuit_log_ancient_one_hop_circuits(int age) continue; if (circ->timestamp_created.tv_sec >= cutoff) continue; + /* Single Onion Services deliberately make long term one-hop intro + * connections. We only ignore active intro point connections, if we take + * a long time establishing, that's worth logging. */ + if (rend_service_allow_non_anonymous_connection(options) && + circ->purpose == CIRCUIT_PURPOSE_S_INTRO) + continue; + /* Tor2web deliberately makes long term one-hop rend connections, + * particularly when Tor2webRendezvousPoints is used. We only ignore + * active rend point connections, if we take a long time to rendezvous, + * that's worth logging. */ + if (rend_client_allow_non_anonymous_connection(options) && + circ->purpose == CIRCUIT_PURPOSE_C_REND_JOINED) + continue; ocirc = CONST_TO_ORIGIN_CIRCUIT(circ); if (ocirc->build_state && ocirc->build_state->onehop_tunnel) { @@ -839,7 +855,7 @@ circuit_log_ancient_one_hop_circuits(int age) tor_asprintf(&dirty, "Dirty since %s (%ld seconds vs %ld-second cutoff)", dirty_since, (long)(now - circ->timestamp_dirty), - (long) get_options()->MaxCircuitDirtiness); + (long) options->MaxCircuitDirtiness); } else { dirty = tor_strdup("Not marked dirty"); } @@ -1067,7 +1083,7 @@ circuit_predict_and_launch_new(void) if (rep_hist_get_predicted_internal(now, &hidserv_needs_uptime, &hidserv_needs_capacity) && ((num_uptime_internal<2 && hidserv_needs_uptime) || - num_internal<2) + num_internal<3) && router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN) { if (hidserv_needs_uptime) flags |= CIRCLAUNCH_NEED_UPTIME; @@ -1936,8 +1952,8 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, return -1; } } else { - /* XXXX024 Duplicates checks in connection_ap_handshake_attach_circuit: - * refactor into a single function? */ + /* XXXX Duplicates checks in connection_ap_handshake_attach_circuit: + * refactor into a single function. */ const node_t *node = node_get_by_nickname(conn->chosen_exit_name, 1); int opt = conn->chosen_exit_optional; if (node && !connection_ap_can_use_exit(conn, node)) { @@ -2028,7 +2044,8 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, char *hexdigest = conn->chosen_exit_name+1; tor_addr_t addr; if (strlen(hexdigest) < HEX_DIGEST_LEN || - base16_decode(digest,DIGEST_LEN,hexdigest,HEX_DIGEST_LEN)<0) { + base16_decode(digest,DIGEST_LEN, + hexdigest,HEX_DIGEST_LEN) != DIGEST_LEN) { log_info(LD_DIR, "Broken exit digest on tunnel conn. Closing."); return -1; } @@ -2146,10 +2163,11 @@ optimistic_data_enabled(void) { const or_options_t *options = get_options(); if (options->OptimisticData < 0) { - /* XXX023 consider having auto default to 1 rather than 0 before - * the 0.2.3 branch goes stable. See bug 3617. -RD */ + /* Note: this default was 0 before #18815 was merged. We can't take the + * parameter out of the consensus until versions before that are all + * obsolete. */ const int32_t enabled = - networkstatus_get_param(NULL, "UseOptimisticData", 0, 0, 1); + networkstatus_get_param(NULL, "UseOptimisticData", /*default*/ 1, 0, 1); return (int)enabled; } return options->OptimisticData; @@ -2415,7 +2433,7 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn) /* find the circuit that we should use, if there is one. */ retval = circuit_get_open_circ_or_launch( conn, CIRCUIT_PURPOSE_C_GENERAL, &circ); - if (retval < 1) // XXX023 if we totally fail, this still returns 0 -RD + if (retval < 1) // XXXX++ if we totally fail, this still returns 0 -RD return retval; log_debug(LD_APP|LD_CIRC, @@ -2590,7 +2608,7 @@ mark_circuit_unusable_for_new_conns(origin_circuit_t *circ) const or_options_t *options = get_options(); tor_assert(circ); - /* XXXX025 This is a kludge; we're only keeping it around in case there's + /* XXXX This is a kludge; we're only keeping it around in case there's * something that doesn't check unusable_for_new_conns, and to avoid * deeper refactoring of our expiration logic. */ if (! circ->base_.timestamp_dirty) |